[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Google
  Web www.spinics.net

Re: routing question!? ( summary )

Hi everyone,

There was a few options I had for my problem below:

(1) Route the invidual ips from the router through the firewall
iptables will be difficult to set up cause all traffic goes through one interface, but its possible

(2) make two subnets of 8 addresses each and have another 16 addresses and route through the firewall, this way u have a propper DMZ
This is the propper way to do this, but u will need a bigger network, cause u can lose alot of ips

(3) Third option is to use Proxy ARP, brilliant idea, but I would test this first
here is the howto http://www.sjdjweis.com/linux/proxyarp/

Thanks for all the answers: Tom Yates, Brett Geer and all the others

Cheers

---------------------------------------------------------------------------------------------------------------

I need to find the most sufficient way any of u guys can help me with!,

I've got a client with the network:
I'm gonna give an example network for security reasons:

His got the network 196.44.44.96/27

At the moment the network looks like this:
196.44.44.96/27
196.44.44.97    -> Router
196.44.44.98    -> Client Router
196.44.44.99                                -> Client Router
196.44.44.100    -> My new sexy Redhat Firewall
              .101    -> dns server
              .102    -> Webserver

and so on

Internal Network:
192.168.0.0/24

What I'm doing at the moment is adding on the router(97) routes for .101, .102 etc through 196.44.44.100 ( 1st question: is that fine? )

My iptables is quite difficult to set up like this, cause everything goes through one interface on the firewall router

What will be a the optimal way of doing this?

My opinion is to create 3 subnets:
196.44.44.96/29
196.44.44.104/29
196.44.44.112/28

and add routes on the router(97) to route 196.44.44.104/29 and 112/28 through 97 and have each network subnet logicaly the way it should be!?

Help will really be appreciated

Thanks


--
Hemisphere Technologies
Tel: +27 21 670 3940 / 086 111 0808
Fax: +27 21 670 3979 / 086 111 0707
http://www.hemtech.co.za
_______________________________________________
LinuxManagers mailing list - http://www.linuxmanagers.org
submissions: LinuxManagers@linuxmanagers.org
subscribe/unsubscribe: http://www.linuxmanagers.org/mailman/listinfo/linuxmanagers

[Home]     [Kernel List]     [Linux SCSI]     [Video 4 Linux]     [Linux Admin]     [Yosemite News]     [Motherboards]

Powered by Linux